Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Proactive Technology Management

Senior Consultant – Microsoft Purview, M365 Compliance Governance

Proactive Technology Management

Lead a governance engagement focusing on Microsoft Purview and M365 compliance for a regulated enterprise client. Oversee discovery, assessment, and implementation phases over a 90-day period.

Posted 5/6/2026contractFerndale • Missouri • 🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies
AzureCloudCyber Security

About the role

Key responsibilities & impact
  • Lead the Microsoft Purview and M365 compliance lane of a 90-day governance engagement that turns a Fortune-class regulated enterprise’s data, DLP, and Copilot exposure surface into a classified, labeled, retained, audited capability.
  • The engagement runs in two phases: Discovery & Assess (30 days) and Implement & Govern (60 days).
  • Inventory the client’s M365 information protection posture, deliver a prioritized governance backlog, and stand up a label taxonomy and auto-labeling policy.
  • Collaborate with a Power Platform CoE / ALM specialist, working on a shared Solution Architecture Document and milestone roadmap.

Requirements

What you’ll need
  • 5+ years delivering Microsoft Purview / M365 information protection in enterprise or mid-market environments, with at least 2 full lifecycles of label taxonomy design and deployment.
  • Microsoft Purview Information Protection — label taxonomy design, manual labeling, auto-labeling policies (client-side and service-side), label-driven encryption, and rights management.
  • Microsoft Purview Data Loss Prevention across Exchange, SharePoint, OneDrive, Teams, and Endpoint DLP — policy authoring, simulation mode, incident triage, exception workflow, and tuning to keep false-positive rate inside a defensible band.
  • Data classification using built-in, custom keyword, custom regex, exact-data-match, and trainable classifiers — including the data-engineering work to seed and validate them.
  • Retention labels and retention policies, records management, disposition review, and litigation-hold posture.
  • Microsoft Purview Audit (Standard and Premium) — audit log search, export, retention, and downstream SIEM integration.
  • SailPoint - Proven expertise with Identity Governance & Administration (IGA) platforms, specifically SailPoint.
  • Microsoft Compliance Manager — assessment selection, improvement actions, control implementation evidence, and executive reporting.
  • Purview for Copilot — DSPM-for-AI configuration, sensitivity-aware grounding, prompt and response auditing for Microsoft Copilot for M365 and Copilot Studio agents.
  • Microsoft Entra ID — conditional access, sensitivity-label-bound access policies, and the binding between identity, label, and DLP enforcement.
  • Working knowledge of Power Platform DLP so the M365 and Power Platform DLP surfaces compose coherently — you will partner with the Power Platform lane on this, but you must be able to reason about it end-to-end.
  • Microsoft Defender for Cloud Apps for shadow-IT discovery and SaaS DLP enrichment, where in scope.
  • Azure Monitor and Log Analytics — workspace design, diagnostic settings for M365 audit and Purview signals, KQL fluency, workbook authoring, alert rules, and action groups.
  • Microsoft Sentinel integration for governance signals and audit-log SIEM tier — connector deployment, analytic rule authoring, and incident workflow.
  • Power BI dashboards that report a value metric a non-technical executive can act on (label coverage, DLP incident rate, retention drift, AI prompt-risk).
  • Demonstrated ability to author and present architecture artifacts to a CTO-level audience: C4 diagrams, SADs, SDDs, milestone roadmaps.
  • A discovery toolkit you actually use — Lean UX, BPMN, Event Storming, or comparable methods for translating ambiguous client problems into a prioritized backlog with measurable outcomes.
  • Microsoft certifications: SC-400 (Information Protection & Compliance Administrator), SC-100 (Cybersecurity Architect Expert), SC-200 (Security Operations Analyst), SC-300 (Identity & Access Administrator).
  • Hands-on with Microsoft Priva for privacy management, data subject requests, and privacy risk policies.
  • eDiscovery (Standard and Premium) — case management, custodian holds, advanced indexing, and review-set culling.
  • Insider Risk Management and Communication Compliance policy design.
  • Experience with regulated frameworks — HIPAA, HITRUST, SOC 2, ISO 27001, FDA 21 CFR Part 11, GDPR, GLBA — and the documentation discipline they require.
  • Prior delivery in regulated environments (medical device, life sciences, healthcare, or financial services).
  • Experience as a subcontractor or partner-of-partner — you know how to represent PTM cleanly inside multi-vendor delivery teams and inside the end client’s governance forums.

Benefits

Comp & perks
  • Possibility of contract-to-hire

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Microsoft PurviewM365 information protectionlabel taxonomy designauto-labeling policiesData Loss Preventiondata classificationretention labelsMicrosoft Compliance ManagerMicrosoft Entra IDMicrosoft Defender for Cloud Apps
Soft Skills
collaborationpresentation skillsproblem-solvingcommunicationarchitecture artifact authoring
Certifications
SC-400SC-100SC-200SC-300